<<<<<<< HEAD
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Password extends MY_Controller {
	
	function __construct(){
		parent::__construct();
	}
	
	function index(){
		
	}
	
	function zhs_forget(){
		$data = array();
		$this->load->helper('captcha');
		$act = $this->input->post('typer');
	
		if($act == 'email' || $act == 'phone'){
			$ret = array('msg'=>'');
			$captcha = $this->input->post('captcha');
			$email = $this->input->post('email');
			$ca_key = $this->input->post('ca_key');
			$username = $this->input->post('username');
			
			if($email == '' &&  $act == 'email'){
				$ret['msg'] = '请填写邮箱';
			}if($ca_key == '' &&  $act == 'phone'){
				$ret['msg'] = '请填写手机验证码';
			}elseif($username == ''){
				$ret['msg'] = '请填写会员昵称';
			}elseif ($captcha =="" ){
				$ret['msg'] = '验证码不能为空';
			}elseif ($captcha!=$_SESSION['captcha']){
				$ret['msg'] = '验证码不正确';
			}
			$this->load->model('User_model', 'user');
			if($act == 'phone'){
				$phone = $this->session->userdata('zhs_phone');
				$user_id = $this->user->get_userid_by_username($username);
				if($user_id) {
					$user =  $this->user->get_realname_by_id($user_id);
					if($phone && $user['phone'] != $phone)  $ret['msg'] = '非法操作';
					else if($this->session->userdata($phone) != $ca_key) $ret['msg'] = '手机验证码不正确';
				}
				else $ret['msg'] = '会员昵称不存在';
			}
			else {
				$where = array(
					'username' => $username,
					'email' => $email
				);
				$userinfo = $this->user->get_one($where,'user_id');
				if(!$userinfo){
					$ret['msg'] = '邮箱和会员昵称不匹配';
				}
			}
			if($ret['msg'] !=''){
				echo json_encode($ret);
				exit;
			}
			if($act == 'phone'){
				$password = rand_string ( $user ['phone'], 8, 3, 13 );
				$this->load->library ( 'phone' );
				$msg = "尊敬的 ".$username." 用户，您的找回密码初始为：" . $password.",请及时登录修改";
				$res = $this->phone->send ( $user ['phone'], $msg );
				if($res == '0'){
					$md5 = md5(MD5($password));
					$res = $this->user->update(array('password'=>$md5),array('user_id'=>$user_id));
					$ret['info'] = '1';
					$ret['msg'] = "密码初始化成功，请及时登录修改";
				}
				else $ret['msg'] = "密码初始化失败，请稍后再试";
			}
			else {
				$res = $this->notice_email(2,$userinfo['user_id']);
				if($res){
					$ret['info'] = '1';
						$ret['msg'] = '邮件发送成功，请从邮件内容里的链接地址重置密码，该链接有效时间1小时，请及时操作！';
				}else{
						$ret['msg'] = '邮箱发送失败，请稍后再试或者联系客服！';
				}
			}
			echo json_encode($ret);
			exit;
		}
		
		$this->load->view('user/zhs_user_pwd_forget',$data);
	}
	
	function getpwd(){
		$data = array('msg'=>'');
		$act = $this->input->post('act');
		$this->load->library('func');
		$str = $this->input->get('check');
		if(!$str){
			$data['msg'] = '无效链接';
		}else{
			$str = $this->func->authcode($str,"DECODE");
			$tmp = explode(',',$str);
			if(count($tmp)==4){

				if(time()-$tmp[3] > 3600){
					$data['msg'] = '无效链接';
				}else{
					$this->load->model('User_model', 'user');
					$tmp[0] = intval($tmp[0]);
					$userInfo = $this->user->get_by_uid($tmp[0]);
					if($userInfo && strtolower($userInfo['username']) == strtolower($tmp[1]) && strtolower($userInfo['email']) == strtolower($tmp[2])){
						$data['user'] = $userInfo;
						if($act == 'set'){
							$ret = array('msg'=>'','url'=>'');
							$pwd1 = $this->input->post('pwd1');
							$pwd2 = $this->input->post('pwd2');
							if(!isset($pwd1[5])){
								$ret['msg'] = '密码长度不够';
								echo json_encode($ret);
								exit;
							}elseif($pwd1 != $pwd2){
								$ret['msg'] = '两次密码不一致';
								echo json_encode($ret);
								exit;
							}else{
								if($userInfo['password'] == md5(md5($pwd1))){
									$ret['url'] = '/login/index/index.html';
									echo json_encode($ret);
									exit;
								}
								$setArr = array('password'=>md5(md5($pwd1)));
								
								$res = $this->user->update($setArr,array('user_id'=>$tmp[0]));
								if($res){
									$ret['url'] = '/login/index/index.html';
									echo json_encode($ret);
									exit;
								}else{
									$ret['msg'] = '操作失败';
									echo json_encode($ret);
									exit;
								}
							}
						}
					}else{
						$data['msg'] = '无效链接';
					}
				}
			}else{
				$data['msg'] = '无效链接';
			}
			
		}
		
		$data['title'] 						= "登录密码".' - '.CON_KEYWORDS;
		$this->load->view('user/zhs_user_getpwd',$data);
	}
	
	
	
	function zhs_paypwd(){
		
		$data = array('msg'=>'','url'=>'');
		$act = $this->input->post('act');
		$this->load->library('func');
		$str = $this->input->get('check');
		$user = $this->session->userdata('rsh_user');

		if(!$str && $act != 'set'){
			$data['msg'] = '无效链接';
			$data['url'] = '/user/zhs_center/index.html';
		}else{
			if(!$str) $str = $this->input->post('check');
			else $str = $this->func->authcode($str,"DECODE");
			$tmp = explode(',',$str);

			if(count($tmp)==4){
				if(time()-$tmp[3] > 3600){
					$data['msg'] = '无效链接';
					$data['url'] = '/user/zhs_center/index.html';
				}else{
					$this->load->model('User_model', 'user');
					$tmp[0] = intval($tmp[0]);
					$row = $this->user->get_by_uid($tmp[0]);
					if($row && $row['username'] == $tmp[1] && $row['email'] == $tmp[2]){
						$data['user'] = $row;
						if($act == 'set'){
							$ret = array('msg'=>'','url'=>'');
							$pwd1 = $this->input->post('paypwd1');
							$pwd2 = $this->input->post('paypwd2');
							$verify_code = $this->input->post('ver_code');
							$md5 = $this->session->userdata ($user ['phone']);
							if ($verify_code =="" ){
								$ret['msg'] = '验证码不能为空';
								echo json_encode($ret);
								exit;
							}elseif ($verify_code!=$md5){
								$ret['msg'] = '验证码不正确';
								echo json_encode($ret);
								exit;
							}else if(!isset($pwd1[5])){
								$ret['msg'] = '密码长度不够';
								echo json_encode($ret);
								exit;
							}elseif($pwd1 != $pwd2){
								$ret['msg'] = '两次密码不一致';
								echo json_encode($ret);
								exit;
							}elseif (!$this->myformcheck->isName ($pwd1)) {
								$ret ['msg'] = '无效会员昵称，必须[数字+字母]，其中只允许[~!#$^&?]字符';
								echo json_encode ($ret);
								exit ;
							}else{
								
								if($row['paypassword'] == md5(md5($pwd1))){
									$ret['url'] = '/user/zhs_center/index.html';
									echo json_encode($ret);
									exit;
								}
								$setArr = array('paypassword'=>md5(md5($pwd1)));
								$res = $this->user->update($setArr,array('user_id'=>$tmp[0]));
								if($res){
									$ret['url'] = '/user/zhs_center/index.html';
									echo json_encode($ret);
									exit;
								}else{
									$ret['msg'] = '操作失败';
									echo json_encode($ret);
									exit;
								}
							}
						}
					}else{
						$data['msg'] = '无效链接';
						$data['url'] = '/user/zhs_center/index.html';
					}
				}
			}else{
				$data['msg'] = '无效链接';
				$data['url'] = '/user/zhs_center/index.html';
			}
		}
		if(!$data['msg']) $data['check'] = $str;
		$data['title'] 						= "交易密码".' - '.CON_KEYWORDS; 
		$this->load->view('user/zhs_user_getpay',$data);
		
	}
	
}
=======
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Password extends MY_Controller {
    
	function __construct(){
		parent::__construct();
	}
	
	function index(){
		
	}
	
	function zhs_forget(){
		$data = array();
		$this->load->helper('captcha');
		$act = $this->input->post('typer');
	
		if($act == 'email' || $act == 'phone'){
			$ret = array('msg'=>'');
			$captcha = $this->input->post('captcha');
			$email = $this->input->post('email');
			$ca_key = $this->input->post('ca_key');
			$username = $this->input->post('username');
			
			if($email == '' &&  $act == 'email'){
				$ret['msg'] = '请填写邮箱';
			}if($ca_key == '' &&  $act == 'phone'){
				$ret['msg'] = '请填写手机验证码';
			}elseif($username == ''){
				$ret['msg'] = '请填写会员昵称';
			}elseif ($captcha =="" ){
				$ret['msg'] = '验证码不能为空';
			}elseif ($captcha!=$_SESSION['captcha']){
				$ret['msg'] = '验证码不正确';
			}
			$this->load->model('User_model', 'user');
			if($act == 'phone'){
				$phone = $this->session->userdata('zhs_phone');
				$user_id = $this->user->get_userid_by_username($username);
				if($user_id) {
					$user =  $this->user->get_realname_by_id($user_id);
					if($phone && $user['phone'] != $phone)  $ret['msg'] = '非法操作';
					else if($this->session->userdata($phone) != $ca_key) $ret['msg'] = '手机验证码不正确';
				}
				else $ret['msg'] = '会员昵称不存在';
			}
			else {
				$where = array(
					'username' => $username,
					'email' => $email
				);
				$userinfo = $this->user->get_one($where,'user_id');
				if(!$userinfo){
					$ret['msg'] = '邮箱和会员昵称不匹配';
				}
			}
			if($ret['msg'] !=''){
				echo json_encode($ret);
				exit;
			}
			if($act == 'phone'){
				$password = rand_string ( $user ['phone'], 8, 3, 13 );
				$this->load->library ( 'phone' );
				$msg = "尊敬的 ".$username." 用户，您的找回密码初始为：" . $password.",请及时登录修改";
				$res = $this->phone->send ( $user ['phone'], $msg );
				if($res == '0'){
					$md5 = md5(MD5($password));
					$res = $this->user->update(array('password'=>$md5),array('user_id'=>$user_id));
					$ret['info'] = '1';
					$ret['msg'] = "密码初始化成功，请及时登录修改";
				}
				else $ret['msg'] = "密码初始化失败，请稍后再试";
			}
			else {
				$res = $this->notice_email(2,$userinfo['user_id']);
				if($res){
					$ret['info'] = '1';
						$ret['msg'] = '邮件发送成功，请从邮件内容里的链接地址重置密码，该链接有效时间1小时，请及时操作！';
				}else{
						$ret['msg'] = '邮箱发送失败，请稍后再试或者联系客服！';
				}
			}
			echo json_encode($ret);
			exit;
		}
		
		$this->load->view('user/zhs_user_pwd_forget',$data);
	}
	
	function getpwd(){
		$data = array('msg'=>'');
		$act = $this->input->post('act');
		$this->load->library('func');
		$str = $this->input->get('check');
		if(!$str){
			$data['msg'] = '无效链接';
		}else{
			$str = $this->func->authcode($str,"DECODE");
			$tmp = explode(',',$str);
			if(count($tmp)==4){

				if(time()-$tmp[3] > 3600){
					$data['msg'] = '无效链接';
				}else{
					$this->load->model('User_model', 'user');
					$tmp[0] = intval($tmp[0]);
					$userInfo = $this->user->get_by_uid($tmp[0]);
					if($userInfo && strtolower($userInfo['username']) == strtolower($tmp[1]) && strtolower($userInfo['email']) == strtolower($tmp[2])){
						$data['user'] = $userInfo;
						if($act == 'set'){
							$ret = array('msg'=>'','url'=>'');
							$pwd1 = $this->input->post('pwd1');
							$pwd2 = $this->input->post('pwd2');
							if(!isset($pwd1[5])){
								$ret['msg'] = '密码长度不够';
								echo json_encode($ret);
								exit;
							}elseif($pwd1 != $pwd2){
								$ret['msg'] = '两次密码不一致';
								echo json_encode($ret);
								exit;
							}else{
								if($userInfo['password'] == md5(md5($pwd1))){
									$ret['url'] = '/login/index/index.html';
									echo json_encode($ret);
									exit;
								}
								$setArr = array('password'=>md5(md5($pwd1)));
								
								$res = $this->user->update($setArr,array('user_id'=>$tmp[0]));
								if($res){
									$ret['url'] = '/login/index/index.html';
									echo json_encode($ret);
									exit;
								}else{
									$ret['msg'] = '操作失败';
									echo json_encode($ret);
									exit;
								}
							}
						}
					}else{
						$data['msg'] = '无效链接';
					}
				}
			}else{
				$data['msg'] = '无效链接';
			}
			
		}
		
		$data['title'] 						= "登录密码".' - '.CON_KEYWORDS;
		$this->load->view('user/zhs_user_getpwd',$data);
	}
	
	
	
	function zhs_paypwd(){
		
		$data = array('msg'=>'','url'=>'');
		$act = $this->input->post('act');
		$this->load->library('func');
		$str = $this->input->get('check');
		$user = $this->session->userdata('rsh_user');

		if(!$str && $act != 'set'){
			$data['msg'] = '无效链接';
			$data['url'] = '/user/zhs_center/index.html';
		}else{
			if(!$str) $str = $this->input->post('check');
			else $str = $this->func->authcode($str,"DECODE");
			$tmp = explode(',',$str);

			if(count($tmp)==4){
				if(time()-$tmp[3] > 3600){
					$data['msg'] = '无效链接';
					$data['url'] = '/user/zhs_center/index.html';
				}else{
					$this->load->model('User_model', 'user');
					$tmp[0] = intval($tmp[0]);
					$row = $this->user->get_by_uid($tmp[0]);
					if($row && $row['username'] == $tmp[1] && $row['email'] == $tmp[2]){
						$data['user'] = $row;
						if($act == 'set'){
							$ret = array('msg'=>'','url'=>'');
							$pwd1 = $this->input->post('paypwd1');
							$pwd2 = $this->input->post('paypwd2');
							$verify_code = $this->input->post('ver_code');
							$md5 = $this->session->userdata ($user ['phone']);
							if ($verify_code =="" ){
								$ret['msg'] = '验证码不能为空';
								echo json_encode($ret);
								exit;
							}elseif ($verify_code!=$md5){
								$ret['msg'] = '验证码不正确';
								echo json_encode($ret);
								exit;
							}else if(!isset($pwd1[5])){
								$ret['msg'] = '密码长度不够';
								echo json_encode($ret);
								exit;
							}elseif($pwd1 != $pwd2){
								$ret['msg'] = '两次密码不一致';
								echo json_encode($ret);
								exit;
							}elseif (!$this->myformcheck->isName ($pwd1)) {
								$ret ['msg'] = '无效会员昵称，必须[数字+字母]，其中只允许[~!#$^&?]字符';
								echo json_encode ($ret);
								exit ;
							}else{
								
								if($row['paypassword'] == md5(md5($pwd1))){
									$ret['url'] = '/user/zhs_center/index.html';
									echo json_encode($ret);
									exit;
								}
								$setArr = array('paypassword'=>md5(md5($pwd1)));
								$res = $this->user->update($setArr,array('user_id'=>$tmp[0]));
								if($res){
									$ret['url'] = '/user/zhs_center/index.html';
									echo json_encode($ret);
									exit;
								}else{
									$ret['msg'] = '操作失败';
									echo json_encode($ret);
									exit;
								}
							}
						}
					}else{
						$data['msg'] = '无效链接';
						$data['url'] = '/user/zhs_center/index.html';
					}
				}
			}else{
				$data['msg'] = '无效链接';
				$data['url'] = '/user/zhs_center/index.html';
			}
		}
		if(!$data['msg']) $data['check'] = $str;
		$data['title'] 						= "交易密码".' - '.CON_KEYWORDS; 
		$this->load->view('user/zhs_user_getpay',$data);
		
	}
	
}
>>>>>>> d47623b610d79a4eeb489500830c00d70933f414
